Emiridbest pfp
Emiridbest
@emiridbest
My Experience with a Wallet Compromise I recently discovered unauthorized transactions from one of my wallet addresses, and I wanted to share my experience as a cautionary tale for fellow builders in the space. What Happened? I received what appeared to be a legitimate notification on both Telegram and Warpcast, that I was being rewarded as a "top builder" through @talent and @base weekly rewards. Excited about this recognition, I followed the provided link and added the Builder Reward frame on Farcaster. I noticed I had actually been featured on a builder list about two weeks prior. However, I grew concerned when I didn't receive any tokens as promised. After noticing something was wrong, I conducted some investigations with assistance from the @thecyberverse. We discovered that the supposed "rewards" were actually being sent to the first wallet I had connected to my Talent profile—my oldest MetaMask wallet which I primarily used for testnet interactions.....
1 reply
3 recasts
5 reactions
Emiridbest pfp
Emiridbest
@emiridbest
In retrospect, I had previously suspected issues with this wallet when I sent mainnet @celo to it but never received the funds. Because of this, I had mostly avoided using it for mainnet transactions since then. Looking at BaseScan, I can now see unauthorized ETH transfers from my wallet to an unknown address. The attacker managed to extract approximately 0.107 ETH (around $193) in a transaction that occurred on April 21st, 2025. Lessons Learned 1. Discard any wallet you think has been compromised as early as you can. 2. Regularly check wallet approvals and revoke unused permissions 3. Use separate wallets for different purposes (testing vs. holding assets) 4. If you suspect a wallet has been compromised, immediately stop using it for any valuable transactions Security in web3 requires constant vigilance. The sophisticated nature of these scams—referencing real projects I was involved with and mimicking legitimate communications—shows how targeted these attacks have become. Stay safe out there, friends.
1 reply
1 recast
2 reactions
gabe 🎩 pfp
gabe 🎩
@gabedev.eth
And it’s really sad you can’t change your primary address unless you delete your @talent account and start again
1 reply
0 recast
1 reaction
Emiridbest pfp
Emiridbest
@emiridbest
I have contacted @talent and they removed the wallet from connected accounts.
1 reply
0 recast
1 reaction
gabe 🎩 pfp
gabe 🎩
@gabedev.eth
When was this ?
1 reply
0 recast
0 reaction
Emiridbest pfp
Emiridbest
@emiridbest
just the past week...the hacked wallet wasn't the primary though
1 reply
0 recast
1 reaction
gabe 🎩 pfp
gabe 🎩
@gabedev.eth
Hmm, I asked them to help me remove mine but they said it wasn’t possible unless I delete my account
1 reply
0 recast
0 reaction
Emiridbest pfp
Emiridbest
@emiridbest
I think because the account you had issues with was the primary account...right?
0 reply
0 recast
1 reaction